update from RIFT as of 696b75d2fe9fb046261b08c616f1bcf6c0b54a9b third try
[osm/UI.git] / skyquake / framework / core / modules / routes / auth.js
1
2 /*
3 *
4 * Copyright 2016 RIFT.IO Inc
5 *
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at
9 *
10 * http://www.apache.org/licenses/LICENSE-2.0
11 *
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
17 *
18 */
19
20 /**
21 * auth routes module. Provides a RESTful API for this
22 * skyquake instance's auth state.
23 * @module framework/core/modules/routes/auth
24 * @author Kiran Kashalkar <kiran.kashalkar@riftio.com>
25 */
26
27 var cors = require('cors');
28 var bodyParser = require('body-parser');
29 var Router = require('express').Router();
30 var utils = require('../../api_utils/utils');
31 var configurationAPI = require('../api/configuration');
32
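var auth = {};

/**
 * Registers the authentication routes on the shared, module-level Router.
 *
 * Routes registered:
 *   GET /            redirect to the default landing page, or to /login when there is no user
 *   GET /login       redirect to /login/idp
 *   GET /login/idp   start passport 'oauth2' authentication
 *   GET /callback    complete the 'oauth2' flow and establish the login
 *   GET /login.html  render the login page
 *
 * Router is created once when this module is loaded, so every call to this
 * function adds the middleware and routes to that same instance again.
 *
 * @param {Object} authManager - Object exposing `passport`; its
 *   `authenticate('oauth2', ...)` is used for the IdP redirect and the callback.
 */
auth.routes = function(authManager) {
    console.log('Configuring auth routes');
    Router.use(bodyParser.json());
    // cors() without options uses the package defaults, which allow any origin.
    // NOTE(review): these are authentication endpoints; restrict the allowed
    // origins if cross-origin access to them is not required.
    Router.use(cors());
    Router.use(bodyParser.urlencoded({
        extended: true
    }));

    // Define routes.
    Router.get('/', function(req, res) {
        // Unauthenticated requests go to the login flow; no landing page is
        // computed for them.
        if (!req.user) {
            return res.redirect('/login');
        }

        // NOTE(review): buildRedirectURL receives the whole request and a
        // session value. Its implementation is not visible here; confirm that
        // request-controlled input (Host header, query parameters) cannot select
        // the redirect host.
        var globalConfiguration = configurationAPI.globalConfiguration;
        var defaultPage;
        if (req.session && req.session.topApplication) {
            defaultPage = utils.buildRedirectURL(req, globalConfiguration, req.session.topApplication);
        } else {
            defaultPage = utils.buildRedirectURL(req, globalConfiguration, 'user_management', '#/user-profile');
        }
        return res.redirect(defaultPage);
    });

    // The per-route cors() repeats what Router.use(cors()) already applies.
    Router.get('/login', cors(), function(req, res) {
        res.redirect('/login/idp');
    });

    Router.get('/login/idp',
        authManager.passport.authenticate('oauth2')
    );

    Router.get('/callback', function(req, res, next) {
        authManager.passport.authenticate('oauth2', function(err, user, info) {
            if (err) {
                // Record the failure so repeated or unusual callback errors are
                // visible to operators; only the message is logged, not the
                // error object.
                console.error('OAuth2 callback failed:', err.message);

                // Catch some errors specific to deployments (e.g. IDP unavailable)
                if (err.oauthError && err.oauthError.code === 'ENOTFOUND') {
                    // NOTE(review): req.url is request-controlled. Confirm that
                    // idpconnectfail.ejs emits callback_url with escaping output
                    // (<%= %>) rather than raw output (<%- %>).
                    return res.render('idpconnectfail.ejs', {
                        callback_url: req.url
                    });
                }
                return res.redirect('/login');
            }
            if (!user) {
                return res.redirect('/login');
            }
            // NOTE(review): confirm the session identifier is regenerated at
            // login (session-fixation defence); whether req.logIn does this
            // depends on the passport version in use.
            req.logIn(user, function(loginErr) {
                if (loginErr) {
                    return next(loginErr);
                }
                // req.url is appended without encoding, so its own '?' and '&'
                // become part of the /session query string. The /session handler
                // is not visible here, so the format is kept unchanged.
                // NOTE(review): the callback URL typically carries the OAuth
                // authorization code and state, which this redirect copies into
                // another URL that may be logged; confirm /session needs them.
                return res.redirect('/session?redirectParams=' + req.url);
            });
        })(req, res, next);
    });

    Router.get('/login.html', cors(), function(req, res) {
        res.render('login.html');
    });
};

auth.router = Router;

module.exports = auth;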